[Gnso-epdp-team] For your review - Clarifying Legal Questions Table

Stephanie Perrin stephanie.perrin at mail.utoronto.ca
Sat Jun 1 00:12:13 UTC 2019


If I may comment on this particular boiling down:

1)  The accuracy in data subjects' rights is a general right that they have to ensure the data controller collects the data accurately, and keeps it so.  They have a right to correct in the event of failure in this regard

2) When a data subject requests access to their data, they should not be steered to the RDS.  They should get what we used to call their "file"....the whole shebang, including their financial data, correspondence etc.  Of course if they only ask for certain elements of their data, fine, give a subset.  That "file" is normally held by the entity with whom they transact their registrations, often a reseller.  There is currently, at least in my view, a distinct lack of clarity in the relationships between accredited registrars and resellers, and it is not clear how much of that "file" the accredited registrar needs to have under its control.

I think it is important that we not treat data subjects as just another requestor of data with a right provided under the GDPR.  The system we are building is for third parties, and data subjects are first parties.

Kind regards, Stephanie Perrin

On 2019-05-30 19:19, King, Brian via Gnso-epdp-team wrote:
Hi all,

I boil this down to a couple key facts:

1) Data subjects have a right to data accuracy under GDPR, and 2) the data analysis shows that they’re not getting it in today’s registration data system (56% is a failing score by any measure, and especially in the context of fundamental rights). So accuracy falls squarely within the context of this EPDP.

As it pertains to third parties, I suppose it’s fair to distinguish between a data subject’s _right_ and a third party’s _need_ for accurate data, but third-party needs are also provided for under GDPR, so the distinction is irrelevant as to whether they’re in scope for this EPDP. For example, an EBERO may not have an explicit, GDPR-given right to registration data, but the EBERO needs accurate data in order to allocate the domain name to its rightful owner when a registry implodes. This processing might be on a 6.1(a),(b),(e), or other basis; regardless, it’s a GDPR-compliant processing need. A phishing victim may not have an explicit, GDPR-given right to registration data, but EU case law is clear that pursuit of a legal claim wins the 6.1(f) test over privacy interests, so the victim has a GDPR-compliant processing need for accurate data to know who to name as defendant and where to file the lawsuit.

So, accuracy and third-party needs are both in scope.

I’m happy to answer any questions and/or work with the legal committee to prioritize any questions to the Birdies as the EPDP team deems prudent.

Brian J. King
Director of Internet Policy & Industry Affairs
MarkMonitor / Part of Clarivate Analytics
Phone: +1 (443) 761-3726
brian.king at markmonitor.com<mailto:brian.king at markmonitor.com>

From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org><mailto:gnso-epdp-team-bounces at icann.org> On Behalf Of Mueller, Milton L
Sent: Thursday, May 30, 2019 1:47 PM
To: Margie Milam <margiemilam at fb.com><mailto:margiemilam at fb.com>; Georgios.TSELENTIS at ec.europa.eu<mailto:Georgios.TSELENTIS at ec.europa.eu>; vgreimann at key-systems.net<mailto:vgreimann at key-systems.net>
Cc: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table

Margie

Your numbers show a decline in the accuracy of Whois reg data PRIOR to the implementation of the temp spec (June 2018 - temp spec went into effect late May 2018)

That's interesting. So - all that indiscriminate public disclosure and all those policy measures intended to force registrants upon pain of death (of their registration) failed to maintain the desired level of accuracy. Very interesting indeed.

Did it ever occur to you that the indiscriminate publication of Whois data might actually _cause_ much of the inaccuracy, by undermining the registrant's willingness to provide accurate data?

Anyway I do not see what relevance this has to the EPDP's main project, which is to make the Whois GDPR compliant. First, the data do not measure the impact of GDPR compliance. Second, numerous people on this list have proven, again and again, that accuracy in GDPR is a data subject's right not a third party's right. Hence, ICANN policies intended to make the data accurate for third party demands have little to do with GDPR compliance.

Insofar as current ICANN policy relies on GDPR-violating methods to ensure accuracy (e.g. publication of all data) those methods must be modified.
Insofar as current ICANN policies designed to ensure accuracy are compliant with GDPR, then they can and will remain in place until modified by some other PDP. Ergo, ICANN's accuracy policies are not relevant to this proceeding. (Sorry, Georgios)

--MM

________________________________
From: Margie Milam <margiemilam at fb.com<mailto:margiemilam at fb.com>>
Sent: Thursday, May 30, 2019 12:46 PM
To: Georgios.TSELENTIS at ec.europa.eu<mailto:Georgios.TSELENTIS at ec.europa.eu>; vgreimann at key-systems.net<mailto:vgreimann at key-systems.net>; Mueller, Milton L
Cc: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table


Georgios & All –



Thank you for the reply.   With regard to accuracy – please note that the latest accuracy report posted by ICANN in June, 2018 noted a decline in accuracy rates.  It reported that only 56% of domains passed all operability tests, a decrease from Cycle 5  (63% in Dec 2017).   With a 44% inaccuracy rate – this points to the need for us to examine whether the current rules/policies incorporated in the ICANN contracts are robust enough to produce a GDPR compliant system.



All the best,

Margie





From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>> on behalf of "Georgios.TSELENTIS at ec.europa.eu<mailto:Georgios.TSELENTIS at ec.europa.eu>" <Georgios.TSELENTIS at ec.europa.eu<mailto:Georgios.TSELENTIS at ec.europa.eu>>
Date: Thursday, May 30, 2019 at 4:12 AM
To: "vgreimann at key-systems.net<mailto:vgreimann at key-systems.net>" <vgreimann at key-systems.net<mailto:vgreimann at key-systems.net>>, "milton at gatech.edu<mailto:milton at gatech.edu>" <milton at gatech.edu<mailto:milton at gatech.edu>>
Cc: "gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>" <gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table



Dear Volker,  Milton, EPDP colleagues,

I am reading with great interest the reactions to the clarification questions we sent, in particular regarding accuracy. The mere fact that the community has different understandings as to what exactly it means in the WHOIS policy reform under GDPR begs for asking those questions and not putting the issue (again) under the carpet. We might come with an outcome that current accuracy measures are sufficient for WHOIS GDPR compliance, or that we need more to do. Anyhow at this stage those are clarification questions not a policy per se so I would welcome first the legal counsel to provide some informed opinion before any community jumping to conclusions.

Best regards,

Georgios





From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>> On Behalf Of Volker Greimann
Sent: Wednesday, May 29, 2019 6:54 PM
To: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table



Hi Margie,

the risk of the poor registrant losing his domain name due to inaccurate whois data is actually entirely of ICANNs making as contracted parties certainly do not need this data set for the purposes of maintaining the registration. We have account data for that. The only reason whois inaccuracies can cause a registrant to lose his domain is ICANN policies and contractual obligations regarding failures to update inaccurate data and registrars opting for deletion instead of deactivation (do such registrars still exist?).

For all other purposes reasonable steps are already being taken, as I explained in my previous mail.

Best,

Volker

Am 29.05.2019 um 18:38 schrieb Margie Milam:

Hi Chris and all –



To answer your question, the legal advice provided by Bird & Bird  on accuracy addresses this issue and notes that there is a positive obligation on the controller to ensure the data is accurate depending on the circumstances and the consequences of processing inaccurate data. It also notes that a controller may have to get independent confirmation where the impact is particularly significant.  In addition, the issue of data accuracy as part of a GDPR compliant system was also raised by the European Commission in its recent comments to the Board.



In the case of domain names, the consequence of inaccurate data affects not just the registrant (who could lose its domain name), but those that may be trying to resolve technical issues, cyber-crime or consumer protection issues.   We also have numerous studies conducted by ICANN over the last decade that show unacceptable levels of accuracy in the WHOIS system.  This is why the question of accuracy was pushed to Phase 2 in our Phase 1 Final Report so that we could explore these issues further.  See Footnote 6 where it says:  The topic of accuracy as related to GDPR compliance is expected to be considered further as well as the WHOIS Accuracy Reporting System.





All the best,

Margie



From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org><mailto:gnso-epdp-team-bounces at icann.org> on behalf of Chris Disspain <chris.disspain at board.icann.org><mailto:chris.disspain at board.icann.org>
Date: Tuesday, May 28, 2019 at 9:48 AM
To: "gnso-epdp-team at icann.org"<mailto:gnso-epdp-team at icann.org> <gnso-epdp-team at icann.org><mailto:gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table



Greetings All,



I’m a little confused by this discussion. Apologies in advance if the below is wrong or naive or has been covered before.



I don’t understand the connection between accuracy and GDPR.



The regulations govern a registrars right to collect the data and what they can do with it. Assuming they have that right under GDPR, the registrants obligation to provide them with *accurate* data is not governed by GDPR but rather the contractual relationship between registrar and registrant and the registrar is entitled to require accurate information from the registrant pursuant to that. The registrar can also require the updating of changed information and/or proactively seek re-confirmation of accuracy. And ICANN, in its contract with a registrar, can require that registrar to require the registrant to provide accurate information.



Other than governing the right to collect the information (and what can be done with it) does GDPR have some other role that I’m missing?

Cheers,



Chris

On 28 May 2019, at 17:23, Volker Greimann <vgreimann at key-systems.net<mailto:vgreimann at key-systems.net>> wrote:

Didn't we have (and settle) the same argument about six months ago?

This principle is a protection of the data subject. When we create personal data from the data provided to us by the data subject or a third party, we must ensure we store it accurately and our processing does not falsify it.

As such, the contractual provision that the data subject must provide to us accurate data (and keep uit updated when it changes) and the confirmation of the accuracy by the data subject is sufficient for our purposes and therefore reasonable in accordance with this principle.

The principles protect the data subject, not third parties.

Can we now please stop going over old settled issues?

Volker

Am 28.05.2019 um 18:06 schrieb Greg Aaron:

Milton, no, the word “accuracy” does not appear only in GDPR Article 18.  It appears most prominently in Article 5, which says:



Art. 5 GDPR Principles relating to processing of personal data

"1. Personal data shall be: ... (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);…

2.  The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 (‘accountability’).”



There has been discussion in legal and GDPR compliance communities that the above means all of these:

a) Controllers have some responsibilities to take positive steps to ensure data collected from subjects is accurate.

b) Organizations must allow data subjects to rectify inaccuracies. (Your point.)

c) The data controller must carefully consider any challenges to the accuracy of information – no matter where that challenge comes from.

d) Organizations must identify essential steps to erase or rectify inaccurate data without delay.  And,

e)  Within some limits, the parties to a Date Sharing Agreement are free to agree on terms and conditions applicable to their sharing of data – for example specific obligations and warranties about the accuracy and completeness of data.



How far the above extend, and how they apply to RDS data, is a Phase 2 subject for exploration.



GDPR certainly discourages the submission or maintenance of data that is incorrect or misleading.  And Article 5 seems to mean more than “trust implicitly whatever the data subject says, and correct the data only if the data subject itself requests.”   The GDPR may contain some balancing mechanisms here, and proportionality is a general principle of EU law.



So, given all that, and because there’s not a common understanding within our group, these issues are definitely good ones to ask Bird & Bird about.



All best,

--Greg







From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org><mailto:gnso-epdp-team-bounces at icann.org> On Behalf Of Mueller, Milton L
Sent: Saturday, May 25, 2019 9:18 AM
To: Georgios.TSELENTIS at ec.europa.eu<mailto:Georgios.TSELENTIS at ec.europa.eu>; caitlin.tubergen at icann.org<mailto:caitlin.tubergen at icann.org>
Cc: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table



Dear Georgios and colleagues:



I think the questions related to accuracy below are not worth sending to the lawyers.

They are based on a fundamental misconception, one which we have identified many times. Accuracy in GDPR and other data protection law is a right _of the data subject_, not a right of third parties to accurate data about the data subject.



To prove this, beyond a shadow of the doubt, let me note that the word “accuracy” appears in GDPR in only two places, in Art 18.



Article 18, Right to restriction of processing:

-----------------------------------------------------------

“The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies: the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;”



So data subjects can contest the accuracy of data about them, or require controllers to verify its accuracy. There is NO OTHER reference to accuracy in the entire GDPR.



Georgios’s questions are based on the assumption that third parties have a right to accurate contact data about the data subject. That assumption was embedded in the old Whois and pre-GDPR Whois accuracy policies, all of which were predicated on indiscriminate publication of the contact data to any and all third parties. That regime is gone. And it’s recognized even by the most militant pro-surveillance interests that such indiscriminate disclosure is illegal.



Likewise, Georgios asks about liability under Article 82 of GDPR. Again all we need to do is actually read Art 82 to find the answer:

Article 82 says “Any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.” So this is a right of PERSONS (data subjects) to compensation based on illegal acts of controllers and processors of THEIR data. It is not a right of third parties to accurate information about the data subject, and it certainly creates no liability for controllers or processors for the inaccuracy of the registrants’ data.

Dr. Milton L Mueller

Georgia Institute of Technology

School of Public Policy







From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>> On Behalf Of Georgios.TSELENTIS at ec.europa.eu<mailto:Georgios.TSELENTIS at ec.europa.eu>
Sent: Friday, May 24, 2019 7:02 PM
To: caitlin.tubergen at icann.org<mailto:caitlin.tubergen at icann.org>
Cc: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table



Dear Caitlin, colleagues,



Please find below questions on the topics of the legal memos from the GAC:

Accuracy

.       If current verification statistics provide that a large number of data is inaccurate isn't that a metric to deduce that the accuracy principle is not served in a reasonable manner as demanded by the GDPR?

.       According to the GDPR all personal data are processed based on the principle that they are necessary for the purpose for which they are collected. If those data are necessary, how can the purpose be served while the data are inaccurate?

.       Can you provide an analysis on the third-parties mentioned in para 19 on which "ICANN and the relevant parties may rely on to confirm the accuracy of personal data if it is reasonable to do so"? Do they become in such a scenario data processors?

.       How does the accuracy principle in connection to the parties' liability has to be understood in light of the accountability principle of the GDPR? What are the responsibilities of ICANN and the contracted parties (who are subject to the GDPR) under Chapter IV pf the GDPR? If the contracted parties (as data controllers) engage third entities as processors (e.g. to provide data back-up services), what are the responsibilities of these entities? What does this mean in terms of liabilities (in light of Art. 82 GDPR)?

.       While in the first place it is up to the registrants to provide accurate details about themselves and it is up to the registrants not to mistakenly identify themselves as natural or legal persons, the Memo on "Natural vs Legal persons" provides interesting ideas/suggestions for the contracted parties to proactively ensuring the reliability of information provided, including through measures to independently verify the data. Could similar mechanisms be identified also for ensuring the reliability of the contact details of the registrant? Can best practices be drawn from the ccTLD?



Natural or non-natural persons

.       How is the (inaccurate or accurate) designation by the registrant about her status as non-natural person considered personal data information? If it's not is the analysis about whether the accuracy principle applies relevant?

.       How would the analysis provided take into account the possibility for registrants who are natural persons to "opt-in" for a full publication of their personal data? Indeed it might be the case that some of these registrants might wish to ensure their details are available on WHOIS.



Technical contact

Most of the issue for not allowing this seems to be around the inability to verify if the RNH has obtained consent from the technical contact. When the CP's verify the email address could consent also be confirmed for the term of the registration?



General question:

.       How could anonymisatio/pseudonymisation techniques be of help in complying with the GDPR while also allowing for additional disclosure of certain data elements? E.g. use of anonymised/pseudonymised emails and names, in particular in the context of registrations by legal persons.



Apologies again for the delay of our submission.

Georgios Tselentis (GAC-EPDP)



From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>> On Behalf Of Caitlin Tubergen
Sent: Wednesday, May 22, 2019 5:22 PM
To: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
Subject: [Gnso-epdp-team] For your review - Clarifying Legal Questions Table



Dear EPDP Team,



Following up on an action item from our last meeting, please find attached a table which organizes the clarifying legal questions received to date. We will discuss the table during our next meeting.



Please note that the deadline for submitting additional clarifying questions is before 14:00 UTC on Thursday, 23 May. If additional questions come in before the deadline, we will update the table accordingly.



Thank you.



Best regards,



Marika, Berry, and Caitlin








_______________________________________________

Gnso-epdp-team mailing list

Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>

https://mm.icann.org/mailman/listinfo/gnso-epdp-team<https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dteam&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=KsnUZFZN_ds3hfDU81KaQh1PouUijCAV1NUDwpIOsAg&e=>

_______________________________________________

By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=FwUQq5l0Y2FAOewYgUPeC3ZpkOkUcsYGbDQDGdrn51g&e=>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=DIqsoPEEZERBjh2YW7dICqGWkBj7ALzyba1voyOPzMk&e=>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

--
Volker A. Greimann
General Counsel and Policy Manager
KEY-SYSTEMS GMBH

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.key-2Dsystems.net&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=hwQnHWrq0qIdx6kVhoowbCd4SZ1nSrXYOX7R9KBc0JM&e=>

Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.

_______________________________________________
Gnso-epdp-team mailing list
Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-epdp-team<https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dteam&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=KsnUZFZN_ds3hfDU81KaQh1PouUijCAV1NUDwpIOsAg&e=>
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=FwUQq5l0Y2FAOewYgUPeC3ZpkOkUcsYGbDQDGdrn51g&e=>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=DIqsoPEEZERBjh2YW7dICqGWkBj7ALzyba1voyOPzMk&e=>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.



_______________________________________________

Gnso-epdp-team mailing list

Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>

https://mm.icann.org/mailman/listinfo/gnso-epdp-team<https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dteam&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=14PnxLXVFMTIGWWbF7k0KG1crIpW38SedNJjX9-zNn0&e=>

_______________________________________________

By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=D1dN_llu6Tbkcs62nPs2bv31b8e3lKufIbEiylp3GdI&e=>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=JH0Fkze6xob9fbzReu0Azcu6-Rq2iStP-ZCyB_jFoCo&e=>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

--
Volker A. Greimann
General Counsel and Policy Manager
KEY-SYSTEMS GMBH

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.key-2Dsystems.net&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=UhiYqnRvRppumnSvfFWK9c32gZOekoZ1T3kbYAo1WAI&e=>

Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.



_______________________________________________
Gnso-epdp-team mailing list
Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-epdp-team
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190601/496d74dd/attachment-0001.html>


More information about the Gnso-epdp-team mailing list